Version 4.14.0 Scheduled Release is out for pfSense® and ASUS® and VyOS® as of 25 November 2024.
It includes a few improvements and fixes as outlined in previous 4.13 rapid releases. The most significant improvements are:
Muscle changes on all platforms:
- Fixed problem in case (in)sensitive FQDNs where some upper-case domains weren’t responded the same as lower-case of the same
- Fixed an issue with an Enabler not taking effect on a schedule change
- Fine-tuned delegate memory manager
- Fixed a bug when two sequential schedule blocks used the same policy
- Added support for DTTS learning mode with
--dtts-learning-mode
- Removed reverse cache lookups for
PTR
typein-addr.arpa
queries - Added feature to disable auto-generation of internal PTR records with
--disable-synthetic-ptr-answers
- Fixed an issue with incorrectly updating LastSeen
- Optimized Reflex-unreachable DNS responses with
noerror
DNS responses in order to avoid browser caching for short connectivity disruptions - MyTools live log now displays current policy name vs schedule policy name
- Syslog entries with
DNS=
now shows query/answer latency - Changed accepted DoH application subtype to
dns+json
as per RFC8427 - Added RFC7873 support | Incoming and outgoing cookies
- Added RFC8914 support | Extended DNS Errors
- Added RFC9156 support, re-worked recursion to support qname minimisation and CNAME recursion
- Added RFC9606 support | DNS Resolver Information
- Added support for RESINFO resource record type
- Added support for enablers associated with a subnet-based default profile
- Update checkin protocol for default profiles per subnet
- Re-introduced strict CNAME flattening (off by default) to get rid of all CNAMES even if there are no other records
- Blocked
*.resolver.arpa
queries from getting out recursively - Substantial performance improvements in the packet monitor
- Other significant improvements and fixes
pfSense® changes:
- Support for pfSense+ 24.11 (rather than basing it on FreeBSD version).
ASUS® changes:
- script updates to introduce
extra_http_listener
which can be used to addlo
interface, for example
VyOS® changes:
- added functionality for immediate DNS responses to unknown layer 3 connections by default policy even before enrolment)
Special thanks to all the testers that made this possible.
For installation of adam:ONE® see:
- pfSense®: adamnet.io/pfsense
- ASUS®: adamnet.io/asus
- VyOS®: adamnet.io/vyos
Note on automatic upgrades
During adamone-setup configure
installation wizard, we recommend the default to automatically upgrade adam:ONE® software. When that default is selected, the attempt will be made based on contents in /etc/crontab
(pfSense®) or cru l
(on ASUS®).
However, in some circumstances, the internet will fail after automatic upgrade, specifically if these conditions are all met:
- your pfSense is older than what is listed at adamnet.io/pfsense
Disable the Dashboard auto-update check
is checked (System → Update → Update Settings)- the cronjob has executed and upgraded to
4.14.0
The solution is to:
- upgrade pfSense®
- re-install adam:ONE®
Thank you
– Adam Networks team